Cupid Media violated Australia's privacy act, investigation finds

The Australian Privacy Commissioner concluded its investigation of Cupid Media and found that the company breached the country's Privacy Act 1988 by failing to secure users' personal information.

The government ruling comes after the dating website group announced that 254,000 of its users' names, dates of birth, email addresses and passwords were stolen in a January 2013 breach, according to a press release. The commissioner's investigation of the breach found that Cupid Media had no password encryption processes in place during the breach.

However, because of its cooperation and remedial response, Cupid Media has no fines to pay or further steps to follow.

Initial reports said that up to 42 million users' information was compromised and a large chunk of the users used ‘123456' as their password.

Get SC Media delivered to your inbox

Whitepaper of the Day

Newswire

Buzz

I would like to receive relevant information via email from Haymarket Media.

SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.